icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm

Israeli malware can hack isolated computers by forcing their LED indicators to blink

Israeli malware can hack isolated computers by forcing their LED indicators to blink
Israeli researchers have found a way to attack isolated computers by taking control of their LED indicators, which are forced to blink up to 6,000 times a second to send a signal containing data to a camera mounted on a drone near the targeted computer.

The technique specifically targets so-called “air-gapped” computers, which are cut off from the Internet and company networks, making them the most challenging targets for hackers. Consequently, they typically carry the most sensitive information.

The LED control method, which makes it possible to steal data from isolated computers while raising minimum suspicion, was devised by researchers of the Negev (BGU) Cyber Security Research Center at Ben-Gurion University.

“The LED is always blinking as it’s doing searching and indexing, so no one suspects, even in the night. It’s very covert, actually,” researcher Mordechai Guri said, as cited by the Wired.

In a demonstration video, a drone is shown navigating into the line of sight of a computer. Once the drone locates the target, malware starts transmitting data via a hard drive LED indicator, which blinks the signal to the built-in camera on the drone.

According to the researchers, the data can be transferred at rate as fast as 4,000 bits per second with a specialized Siemens photodiode sensor on the drone. The blinking can be recorded by a camera and deciphered later.

The LED can be forced to blink at a rate of up to 6,000 times per second, which is indiscernible for humans, but potentially readable for light sensors.

“It’s possible for the attacker to do such fast blinking that a human never sees it,” Guri noted.

Of course, the technique relies on the computer being infected prior to the transmission, which can be accomplished using a USB stick or SD card.

While this type of attack is novel and hard to detect, it has one obvious drawback: the computer’s LEDs can simply be covered.

Dear readers and commenters,

We have implemented a new engine for our comment section. We hope the transition goes smoothly for all of you. Unfortunately, the comments made before the change have been lost due to a technical problem. We are working on restoring them, and hoping to see you fill up the comment section with new ones. You should still be able to log in to comment using your social-media profiles, but if you signed up under an RT profile before, you are invited to create a new profile with the new commenting system.

Sorry for the inconvenience, and looking forward to your future comments,

RT Team.

Podcasts